Hello,
Recently I scanned a system running Oracle version
8.1.7.4.0. The following vulnerabilities where found:
11563 - Oracle LINK overflow (all 8.1.x releases are
affected)
14641 - Oracle DBS_SCHEDULER vulnerability (8.1.7.4 is
affected)
According the Oracle advisory Oracle version 8.1.7.4.0
is indeed vulnerable.
However, after I updated the plugins last week to test
for the recently reported Oracle vulnerabilities
(plugin 18034) the mentioned issues (11563 and 14641)
are no longer detected anymore. I did not change
anything else in my scan configuration at all.
As far as I can see, the only dependency of all the
mentioned plugins (11563, 14641 and 18034) is
"oracle_tnslsnr_version.nasl". On both scans this test
was succesfully performed and returned the following
result:
This host is running the Oracle tnslsnr: TNSLSNR for
32-bit Windows: Version 8.1.7.4.0 - Production
TNS for 32-bit Windows: Version 8.1.7.4.0 - Production
Oracle Bequeath NT Protocol Adapter for 32-bit
Windows: Version 8.1.7.4.0 - Production
Windows NT Named Pipes NT Protocol Adapter for 32-bit
Windows: Version 8.1.7.4.0 - Production
Windows NT TCP/IP NT Protocol Adapter for 32-bit
Windows: Version 8.1.7.4.0 - Production,,
How is it possible that in the last scan the recently
reported Oracle vulnerabilities are detected while the
older, still present, issues are not detected anymore?
Aren?t they all take there conclusion based on the
results of "oracle_tnslsnr_version.nasl" (Oracle
8.1.7.4.0).
Hope someone can help me on this one.
I'm using Nessus 2.0.12 & Nmap 3.70
Thanks in advance,
David
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
